Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• Officials
announced September 14 that 5 cooling towers, power lines, and communications
at the Geysers geothermal power generation facility were damaged due to the
Valley Fire in California. – Los Angeles Times

3. September
14, Los Angeles Times – (California) Northern California Valley
fire damages part of huge geothermal power generator. Houston-based Calpine
announced September 14 that five cooling towers, power lines, and
communications at the Geysers geothermal power generation facility along the
Sonoma County and Lake County borders were damaged due to the Valley Fire
burning in northern California. Officials reported that the damage did not
impact services.

• General Motors Co
announced September 17 that it would pay $900 million and admit fault to
resolve a U.S. criminal investigation into the company’s handling of defective
ignition switches in its vehicles and failure to disclose the defect to
customers. – Reuters

4. September
17, Reuters – (National) GM to pay $900 million to end U.S. criminal
ignition switch probe. General Motors Co (GM) announced it would pay $900
million September 17 and admit fault to resolve a U.S. criminal investigation
into the company’s handling of defective ignition switches in its vehicles and
allegations that GM failed to disclose the defect and misled customers and the
government about the safety of affected models. GM also agreed to a $575
million partial settlement in separate nationwide private and shareholder litigation. Source:
http://www.reuters.com/article/2015/09/17/us-gm-probe-idUSKCN0RG2WF20150917

7. September
16, Reuters – (National) CVS Health in $48 million settlement of lawsuit
over hiding loss. CVS Health Corp agreed to pay $48 million to resolve
charges accusing the company of fraudulently concealing a $4.5 billion loss of
annual revenue in its pharmacy benefits manager business, leading to a dip in
stock price on November 2009. Source: http://www.reuters.com/article/2015/09/16/cvs-health-settlement-idUSL1N11M12K20150916

20. September
17, Forbes – (International) Chinese-based cyber attacks on US military are
‘advanced, persistent and ongoing’: Report. Trend Micro released research
confirming that the Chinese advanced persistent threat (APT) group dubbed Iron
Tiger was observed stealing trillions of bytes of data from U.S. defense
contractors, intelligence agencies, FBI-based partners, other government
entities, and tech-based contractors in the electric, aerospace, intelligence,
telecommunications, energy, and nuclear engineering industries, including
Westinghouse Electric Company. The group is believed to be an iteration of
Emissary Panda/Threat Group 3390, who previously focused on east-Asian
political targets. Source: http://www.forbes.com/sites/lisabrownlee/2015/09/17/chinese-cyber-attacks-on-us-military-interests-confirmed-as-advanced-persistent-and-ongoing/

21. September
17, Help Net Security – (International) 80% increase of malware on
Windows devices. Alcatel-Lucent released report findings revealing that 80
percent of mobile network malware infections detected in the first half of 2015
were found on Windows-based systems, that 10 of the largest threats on
smartphones were mobile spyware, and that the prevalence of adware has been
increasing, among other findings. Source: http://www.net-security.org/malware_news.php?id=3102

22. September
17, The Register – (International) Malware links Russians to 7-year global
cyberspy campaign. Security researchers from F-Secure released new analysis
revealing that the group behind the Dukes 7-year cyber-espionage malware
campaign has been utilizing unique malware toolsets to steal information from
governments worldwide as well as non-government organizations (NGOs).
Researchers believe that the group operated to support Russian intelligence
gathering. Source: http://www.theregister.co.uk/2015/09/17/russian_cyberspy_dukes_campaign/

23. September
17, Threatpost – (International) Dutch police arrest CoinVault ransomware
authors. Dutch authorities arrested two suspects believed to be behind the
CoinVault ransomware campaign that started in May 2014 and targeted over 1,500 users in nearly 24
countries. The ransomware encrypted victims’ files and made them unrecoverable
until payment was received. Source: https://threatpost.com/dutch-police-arrest-alleged-coinvault-ransomware-authors/114707/

24. September
16, Threatpost – (International) Schenider patches plaintext credentials bug
in building automation system. Schneider Electric released a firmware
update for its StruxureWare Building Expert automation system addressing a
remotely executable vulnerability regarding how the system transmits user
credentials in plaintext between server and client machines. The Industrial
Control System Cyber Emergency Response Team reported that the vulnerability
has not been publicly exploited. Source: https://threatpost.com/schneider-patches-plaintext-credentials-bug-in-building-automation-system/114702/

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"